VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-202604-1987 CVE-2026-31923 Apache Software Foundation of APISIX Vulnerability in plaintext transmission of important information in CVSS V2: -
CVSS V3: 7.5
Severity: HIGH
Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX. This can occur due to `ssl_verify` in openid-connect plugin configuration being set to false by default. This issue affects Apache APISIX: from 0.7 through 3.15.0. Users are recommended to upgrade to version 3.16.0, which fixes the issue. 3.16.0 It is recommended to upgrade to .All information handled by the software may be leaked to the outside. In addition, information handled by the software will not be rewritten. Furthermore, the software will not stop. Furthermore, attacks exploiting this vulnerability will not affect other software
VAR-202604-1913 CVE-2026-31908 Apache Software Foundation of APISIX Vulnerability in sanitizing special elements in CVSS V2: -
CVSS V3: 9.1
Severity: CRITICAL
Header injection vulnerability in Apache APISIX. The attacker can take advantage of certain configuration in forward-auth plugin to inject malicious headers. This issue affects Apache APISIX: from 2.12.0 through 3.15.0. Users are recommended to upgrade to version 3.16.0, which fixes the issue. 3.16.0 It is recommended to upgrade to .All information handled by the software may be leaked to the outside. All information handled by the software may be rewritten. Furthermore, the software will not stop. Furthermore, attacks that exploit this vulnerability will not affect other software
VAR-202604-1914 CVE-2025-40745 Siemens' Simcenter 3d Vulnerabilities related to certificate validation in multiple products, including CVSS V2: -
CVSS V3: 3.7
Severity: Medium
A vulnerability has been identified in Siemens Software Center (All versions < V3.5.8.2), Simcenter 3D (All versions < V2506.6000), Simcenter Femap (All versions < V2506.0002), Simcenter STAR-CCM+ (All versions < V2602), Solid Edge SE2025 (All versions < V225.0 Update 13), Solid Edge SE2026 (All versions < V226.0 Update 04), Tecnomatix Plant Simulation (All versions < V2504.0008). Affected applications do not properly validate client certificates to connect to Analytics Service endpoint. This could allow an unauthenticated remote attacker to perform man in the middle attacks. Man-in-the-Middle They may carry out an attack.- Some of the information handled by the software may be leaked to external parties. - No rewriting will occur to the information handled by the software. - The software will not stop
VAR-202604-2239 CVE-2026-6024 Shenzhen Tenda Technology Co.,Ltd. of i6  Path traversal vulnerability in firmware CVSS V2: 7.5
CVSS V3: 7.3
Severity: Medium
A vulnerability was determined in Tenda i6 1.0.0.7(2204). Affected by this issue is the function R7WebsSecurityHandlerfunction of the component HTTP Handler. This manipulation causes path traversal. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
VAR-202604-2498 CVE-2026-6016 Shenzhen Tenda Technology Co.,Ltd. of AC9  Multiple vulnerabilities in firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A vulnerability was found in Tenda AC9 15.03.02.13. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Performing a manipulation of the argument WANS results in stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made public and could be used. The attack code is publicly available and could be exploited.All information handled by the software may be leaked to the outside. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
VAR-202604-3433 CVE-2026-6015 Shenzhen Tenda Technology Co.,Ltd. of AC9  Multiple vulnerabilities in firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A vulnerability has been found in Tenda AC9 15.03.02.13. Impacted is the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. Such manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. An exploit is publicly available and can be exploited in the wild.All information handled by the software may be leaked to the outside. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
VAR-202604-1660 CVE-2026-35063 OpenPLC Project of OpenPLC_v3  Lack of Authentication Vulnerability in Firmware CVSS V2: -
CVSS V3: 8.8
Severity: HIGH
OpenPLC_V3 REST API endpoint checks for JWT presence but never verifies the caller's role. Any authenticated user with role=user can delete any other user, including administrators, by specifying their user ID or they can create new accounts with role=admin, escalating to full administrator access. role=admin You can create a new account to gain full administrator access.All information handled by the software may be leaked to the outside. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
VAR-202604-1661 CVE-2026-35556 OpenPLC Project of OpenPLC_v3  Vulnerability regarding plaintext storage of authentication information in firmware CVSS V2: -
CVSS V3: 7.5
Severity: HIGH
OpenPLC_V3 is vulnerable to a Plaintext Storage of a Password vulnerability that could allow an attacker to retrieve credentials and access sensitive information. In addition, information handled by the software will not be rewritten. Furthermore, the software will not stop. Furthermore, attacks exploiting this vulnerability will not affect other software
VAR-202604-1659 CVE-2026-28205 OpenPLC Project of OpenPLC_v3  Vulnerability in firmware where resources are initialized to insecure default values CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
OpenPLC_V3 is vulnerable to an Initialization of a Resource with an Insecure Default vulnerability which could allow an attacker to gain access to the system by bypassing authentication via an API. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
VAR-202604-2496 CVE-2026-5962 Shenzhen Tenda Technology Co.,Ltd. of ch22  Path traversal vulnerability in firmware CVSS V2: 7.5
CVSS V3: 7.3
Severity: Medium
A vulnerability was detected in Tenda CH22 1.0.0.6(468). This issue affects the function R7WebsSecurityHandlerfunction of the component httpd. The manipulation results in path traversal. The attack may be launched remotely. The exploit is now public and may be used. The exploit has already been exposed and is at risk of being misused.All information handled by the software may be leaked to the outside. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
VAR-202604-3227 CVE-2026-5849 Shenzhen Tenda Technology Co.,Ltd. of I12  Path traversal vulnerability in firmware CVSS V2: 7.5
CVSS V3: 7.3
Severity: Medium
A vulnerability was determined in Tenda i12 1.0.0.11(3862). The impacted element is an unknown function of the component HTTP Handler. Executing a manipulation can lead to path traversal. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. This exploit is public and could be exploited.All information handled by the software may be leaked to the outside. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
VAR-202604-2234 CVE-2026-5844 D-Link Corporation of DIR-882  Multiple vulnerabilities in firmware CVSS V2: 8.3
CVSS V3: 7.2
Severity: High
A vulnerability was found in D-Link DIR-882 1.01B02. Impacted is the function sprintf of the file prog.cgi of the component HNAP1 SetNetworkSettings Handler. The manipulation of the argument IPAddress results in os command injection. The attack may be performed from remote. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
VAR-202604-4084 CVE-2026-5830 Shenzhen Tenda Technology Co.,Ltd. of AC15  Multiple vulnerabilities in firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A vulnerability was identified in Tenda AC15 15.03.05.18. This affects the function websGetVar of the file /goform/SysToolChangePwd. Such manipulation of the argument oldPwd/newPwd/cfmPwd leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
VAR-202604-1896 CVE-2025-52222 D-Link Corporation of di-8003  Classic buffer overflow vulnerabilities in multiple products, including firmware CVSS V2: -
CVSS V3: 7.5
Severity: HIGH
D-Link DI-8003 v16.07.26A1, DI-8500 v16.07.26A1; DI-8003G v17.12.21A1, DI-8200G v17.12.20A1, DI-8200 v16.07.26A1, DI-8400 v16.07.26A1, DI-8004w v16.07.26A1, DI-8100 v16.07.26A1, and DI-8100G v17.12.20A1 were discovered to contain a buffer overflow via the rd_en, rd_auth, rd_acct, http_hadmin, http_hadminpwd, rd_key, and rd_ip parameters in the radius_asp function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. DoS ) attacks.Information handled by the software will not be leaked to the outside. Information handled by the software will not be rewritten. In addition, the software may stop functioning completely. Furthermore, attacks that exploit this vulnerability will not affect other software
VAR-202604-1751 CVE-2025-52221 Shenzhen Tenda Technology Co.,Ltd. of AC6  Multiple vulnerabilities in firmware CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetCfm function via the funcname, funcpara1, and funcpara2 parameters. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
VAR-202604-1938 CVE-2025-45059 D-Link Corporation of di-8300  Classic buffer overflow vulnerability in firmware CVSS V2: -
CVSS V3: 7.5
Severity: HIGH
D-Link DI-8300 v16.07.26A1 was discovered to contain a buffer overflow via the fn parameter in the tgfile_htm function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. DoS ) may causeInformation handled by the software will not be leaked to the outside. Information handled by the software will not be rewritten. In addition, the software may stop functioning completely. Furthermore, attacks that exploit this vulnerability will not affect other software
VAR-202604-1754 CVE-2025-45058 D-Link Corporation of di-8300  Classic buffer overflow vulnerability in firmware CVSS V2: -
CVSS V3: 7.5
Severity: HIGH
D-Link DI-8300 v16.07.26A1 was discovered to contain a buffer overflow via the fx parameter in the jingx_asp function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. DoS ) may cause attacks.Information handled by the software will not be leaked to the outside. Information handled by the software will not be rewritten. In addition, the software may stop functioning completely. Furthermore, attacks that exploit this vulnerability will not affect other software
VAR-202604-1753 CVE-2025-45057 D-Link Corporation of di-8300  Classic buffer overflow vulnerability in firmware CVSS V2: -
CVSS V3: 7.5
Severity: HIGH
D-Link DI-8300 v16.07.26A1 was discovered to contain a buffer overflow via the ip parameter in the ip_position_asp function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. DoS ) attacks.Information handled by the software will not be leaked to the outside. Information handled by the software will not be rewritten. In addition, the software may stop functioning completely. Furthermore, attacks that exploit this vulnerability will not affect other software
VAR-202604-0223 CVE-2025-65116 JP1/IT Desktop Management 2, JP1/NETM/DM  Multiple vulnerabilities in CVSS V2: -
CVSS V3: 5.5
Severity: MEDIUM
Buffer Overflow Vulnerability in JP1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Management 2 - Operations Director on Windows, Job Management Partner 1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Management - Manager on Windows, Job Management Partner 1/IT Desktop Management - Manager on Windows, JP1/NETM/DM Manager on Windows, JP1/NETM/DM Client on Windows, Job Management Partner 1/Software Distribution Manager on Windows, Job Management Partner 1/Software Distribution Client on Windows.This issue affects JP1/IT Desktop Management 2 - Manager: from 13-50 before 13-50-02, from 13-11 before 13-11-04, from 13-10 before 13-10-07, from 13-01 before 13-01-07, from 13-00 before 13-00-05, from 12-60 before 12-60-12, from 10-50 through 12-50-11; JP1/IT Desktop Management 2 - Operations Director: from 13-50 before 13-50-02, from 13-11 before 13-11-04, from 13-10 before 13-10-07, from 13-01 before 13-01-07, from 13-00 before 13-00-05, from 12-60 before 12-60-12, from 10-50 through 12-50-11; Job Management Partner 1/IT Desktop Management 2 - Manager: from 10-50 through 10-50-11; JP1/IT Desktop Management - Manager: from 09-50 through 10-10-16; Job Management Partner 1/IT Desktop Management - Manager: from 09-50 through 10-10-16; JP1/NETM/DM Manager: from 09-00 through 10-20-02; JP1/NETM/DM Client: from 09-00 through 10-20-02; Job Management Partner 1/Software Distribution Manager: from 09-00 through 09-51-13; Job Management Partner 1/Software Distribution Client: from 09-00 through 09-51-13. Please check vendor information for potential impact
VAR-202604-0222 CVE-2025-65115 JP1/IT Desktop Management 2, JP1/NETM/DM  Multiple vulnerabilities in CVSS V2: -
CVSS V3: 8.8
Severity: HIGH
Remote Code Execution Vulnerability in JP1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Management 2 - Operations Director on Windows, Job Management Partner 1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Management - Manager on Windows, Job Management Partner 1/IT Desktop Management - Manager on Windows, JP1/NETM/DM Manager on Windows, JP1/NETM/DM Client on Windows, Job Management Partner 1/Software Distribution Manager on Windows, Job Management Partner 1/Software Distribution Client on Windows.This issue affects JP1/IT Desktop Management 2 - Manager: from 13-50 before 13-50-02, from 13-11 before 13-11-04, from 13-10 before 13-10-07, from 13-01 before 13-01-07, from 13-00 before 13-00-05, from 12-60 before 12-60-12, from 10-50 through 12-50-11; JP1/IT Desktop Management 2 - Operations Director: from 13-50 before 13-50-02, from 13-11 before 13-11-04, from 13-10 before 13-10-07, from 13-01 before 13-01-07, from 13-00 before 13-00-05, from 12-60 before 12-60-12, from 10-50 through 12-50-11; Job Management Partner 1/IT Desktop Management 2 - Manager: from 10-50 through 10-50-11; JP1/IT Desktop Management - Manager: from 09-50 through 10-10-16; Job Management Partner 1/IT Desktop Management - Manager: from 09-50 through 10-10-16; JP1/NETM/DM Manager: from 09-00 through 10-20-02; JP1/NETM/DM Client: from 09-00 through 10-20-02; Job Management Partner 1/Software Distribution Manager: from 09-00 through 09-51-13; Job Management Partner 1/Software Distribution Client: from 09-00 through 09-51-13. Please check vendor information for potential impact